src/crypttoken/ctfile.c

/***************************************************************************
    begin       : Wed Mar 16 2005
    copyright   : (C) 2005-2010 by Martin Preuss
    email       : martin@libchipcard.de

 ***************************************************************************
 *          Please see toplevel file COPYING for license details           *
 ***************************************************************************/

#ifdef HAVE_CONFIG_H
# include <config.h>
#endif

#define DISABLE_DEBUGLOG


#include "ctfile_p.h"
#include "i18n_l.h"
#include <gwenhywfar/ctf_context_be.h>
#include <gwenhywfar/misc.h>
#include <gwenhywfar/debug.h>
#include <gwenhywfar/padd.h>
#include <gwenhywfar/cryptkeyrsa.h>
#include <gwenhywfar/text.h>

#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <string.h>
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>


GWEN_INHERIT(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE)


int GWEN_Crypt_TokenFile__OpenFile(GWEN_CRYPT_TOKEN *ct, int wr, uint32_t gid)
{
  int fd;
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_FSLOCK_RESULT lres;
  const char *fname;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  fname = GWEN_Crypt_Token_GetTokenName(ct);
  if (!fname) {
    DBG_ERROR(GWEN_LOGDOMAIN,
              "No name of the crypt token set - maybe you need to set the key file as token name? Cannot lock token.");
    return GWEN_ERROR_IO;
  }

  lct->lock=GWEN_FSLock_new(fname,
                            GWEN_FSLock_TypeFile);
  lres=GWEN_FSLock_Lock(lct->lock, 10000, gid);
  if (lres!=GWEN_FSLock_ResultOk) {
    GWEN_FSLock_free(lct->lock);
    lct->lock=0;
    DBG_ERROR(GWEN_LOGDOMAIN, "Could not lock file");
    if (lres==GWEN_FSLock_ResultUserAbort)
      return GWEN_ERROR_USER_ABORTED;
    else
      return GWEN_ERROR_IO;
  }
  else {
    DBG_INFO(GWEN_LOGDOMAIN,
             "Keyfile [%s] locked.",
             GWEN_Crypt_Token_GetTokenName(ct));
  }

  if (wr) {
    /* write file */
    fd=open(GWEN_Crypt_Token_GetTokenName(ct),
            O_RDWR|O_CREAT
#ifdef OS_WIN32
            | O_BINARY
#endif
            ,
            S_IRUSR|S_IWUSR | lct->keyfile_mode);
  }
  else {
    /* Remember the access permissions when opening the file */
    struct stat statbuffer;
    if (!stat(GWEN_Crypt_Token_GetTokenName(ct), &statbuffer)) {
      /* Save the access mode, but masked by the bit masks for
      user/group/other permissions */
      lct->keyfile_mode =
        statbuffer.st_mode & (S_IRWXU
#ifndef OS_WIN32
                              | S_IRWXG | S_IRWXO
#endif
                             );
    }
    else {
      DBG_ERROR(GWEN_LOGDOMAIN,
                "stat(%s): %s",
                GWEN_Crypt_Token_GetTokenName(ct),
                strerror(errno));

      GWEN_FSLock_Unlock(lct->lock);
      GWEN_FSLock_free(lct->lock);
      lct->lock=0;
      DBG_INFO(GWEN_LOGDOMAIN,
               "Keyfile [%s] unlocked.",
               GWEN_Crypt_Token_GetTokenName(ct));
      return GWEN_ERROR_IO;
    }

    /* and open the file */
    fd=open(GWEN_Crypt_Token_GetTokenName(ct),
            O_RDONLY
#ifdef OS_WIN32
            | O_BINARY
#endif
           );
  }

  if (fd==-1) {
    DBG_ERROR(GWEN_LOGDOMAIN,
              "open(%s): %s",
              GWEN_Crypt_Token_GetTokenName(ct),
              strerror(errno));
    GWEN_FSLock_Unlock(lct->lock);
    GWEN_FSLock_free(lct->lock);
    lct->lock=0;
    DBG_INFO(GWEN_LOGDOMAIN,
             "Keyfile [%s] unlocked.",
             GWEN_Crypt_Token_GetTokenName(ct));
    return GWEN_ERROR_IO;
  }

  lct->fd=fd;

  return 0;
}


int GWEN_Crypt_TokenFile__CloseFile(GWEN_CRYPT_TOKEN *ct, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_FSLOCK_RESULT lres;
  struct stat st;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  if (lct->fd==-1) {
    DBG_ERROR(GWEN_LOGDOMAIN, "Keyfile \"%s\"not open",
              GWEN_Crypt_Token_GetTokenName(ct));
    return GWEN_ERROR_INTERNAL;
  }

  if (close(lct->fd)) {
    DBG_ERROR(GWEN_LOGDOMAIN, "close(%s): %s",
              GWEN_Crypt_Token_GetTokenName(ct), strerror(errno));
    lct->fd=-1;
    GWEN_FSLock_Unlock(lct->lock);
    GWEN_FSLock_free(lct->lock);
    lct->lock=0;
    DBG_INFO(GWEN_LOGDOMAIN,
             "Keyfile [%s] unlocked.",
             GWEN_Crypt_Token_GetTokenName(ct));
    return GWEN_ERROR_IO;
  }
  lct->fd=-1;

  lres=GWEN_FSLock_Unlock(lct->lock);
  if (lres!=GWEN_FSLock_ResultOk) {
    DBG_WARN(GWEN_LOGDOMAIN, "Error removing lock from \"%s\": %d",
             GWEN_Crypt_Token_GetTokenName(ct), lres);
  }
  GWEN_FSLock_free(lct->lock);
  lct->lock=0;
  DBG_INFO(GWEN_LOGDOMAIN,
           "Keyfile [%s] unlocked.",
           GWEN_Crypt_Token_GetTokenName(ct));

  /* get times */
  if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
    DBG_ERROR(GWEN_LOGDOMAIN,
              "stat(%s): %s",
              GWEN_Crypt_Token_GetTokenName(ct),
              strerror(errno));
    return GWEN_ERROR_IO;
  }

#ifndef OS_WIN32
  if (st.st_mode & 0007) {
    DBG_WARN(GWEN_LOGDOMAIN,
             "WARNING: Your keyfile \"%s\" is accessible by every user on your computer!\n"
             "Nobody but you should have access to the file. You \n"
             "should probably change this with \"chmod 600 %s\"",
             GWEN_Crypt_Token_GetTokenName(ct),
             GWEN_Crypt_Token_GetTokenName(ct));
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Warning,
                         "WARNING: Your keyfile is accessible ny every user on your computer!\n"
                         "Nobody but you should have access to the file.");
  }
#endif
  lct->mtime=st.st_mtime;
  lct->ctime=st.st_ctime;

  return 0;
}


int GWEN_Crypt_TokenFile__Read(GWEN_CRYPT_TOKEN *ct, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  assert(lct->readFn);
  if (lseek(lct->fd, 0, SEEK_SET)==-1) {
    DBG_ERROR(GWEN_LOGDOMAIN, "lseek(%s): %s",
              GWEN_Crypt_Token_GetTokenName(ct),
              strerror(errno));
    return GWEN_ERROR_IO;
  }
  return lct->readFn(ct, lct->fd, gid);
}


int GWEN_Crypt_TokenFile__Write(GWEN_CRYPT_TOKEN *ct, int cr, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  if (lct->writeFn==0) {
    DBG_WARN(GWEN_LOGDOMAIN,
             "No write function in crypt token type \"%s\"",
             GWEN_Crypt_Token_GetTypeName(ct));
    return GWEN_ERROR_NOT_SUPPORTED;
  }

  if (lseek(lct->fd, 0, SEEK_SET)==-1) {
    DBG_ERROR(GWEN_LOGDOMAIN, "lseek(%s): %s",
              GWEN_Crypt_Token_GetTokenName(ct),
              strerror(errno));
    return GWEN_ERROR_IO;
  }
  return lct->writeFn(ct, lct->fd, cr, gid);
}


int GWEN_Crypt_TokenFile__ReadFile(GWEN_CRYPT_TOKEN *ct, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* clear context list, it will be reloaded */
  GWEN_Crypt_Token_Context_List_Clear(lct->contextList);

  /* open file */
  rv=GWEN_Crypt_TokenFile__OpenFile(ct, 0, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN,
             "Could not open keyfile for reading (%d)", rv);
    return rv;
  }

  /* read file */
  rv=GWEN_Crypt_TokenFile__Read(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Error reading keyfile");
    GWEN_Crypt_TokenFile__CloseFile(ct, gid);
    return rv;
  }

  /* close file */
  rv=GWEN_Crypt_TokenFile__CloseFile(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Could not close keyfile");
    return rv;
  }

  return 0;
}


int GWEN_Crypt_TokenFile__WriteFile(GWEN_CRYPT_TOKEN *ct, int cr, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* open file */
  rv=GWEN_Crypt_TokenFile__OpenFile(ct, 1, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN,
             "Could not open keyfile for writing (%d)", rv);
    return rv;
  }

  /* write file */
  rv=GWEN_Crypt_TokenFile__Write(ct, cr, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Error writing keyfile");
    GWEN_Crypt_TokenFile__CloseFile(ct, gid);
    return rv;
  }

  /* close file */
  rv=GWEN_Crypt_TokenFile__CloseFile(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Could not close keyfile");
    return rv;
  }

  return 0;
}


int GWEN_Crypt_TokenFile__ReloadIfNeeded(GWEN_CRYPT_TOKEN *ct, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  struct stat st;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
    DBG_ERROR(GWEN_LOGDOMAIN,
              "stat(%s): %s",
              GWEN_Crypt_Token_GetTokenName(ct),
              strerror(errno));
    return -1;
  }
  if (lct->mtime!=st.st_mtime ||
      lct->ctime!=st.st_ctime) {
    int rv;

    /* file has changed, reload it */
    DBG_NOTICE(GWEN_LOGDOMAIN,
               "Keyfile changed externally, reloading it");
    /* read file */
    rv=GWEN_Crypt_TokenFile__ReadFile(ct, gid);
    if (rv) {
      DBG_WARN(GWEN_LOGDOMAIN, "Error reloading keyfile");
      return rv;
    }
  }
  else {
    DBG_NOTICE(GWEN_LOGDOMAIN, "Keyfile unchanged, not reloading");
  }
  return 0;
}


void GWEN_Crypt_TokenFile_AddContext(GWEN_CRYPT_TOKEN *ct, GWEN_CRYPT_TOKEN_CONTEXT *ctx)
{
  GWEN_CRYPT_TOKEN_FILE *lct;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* make sure the context is a file context */
  assert(GWEN_CTF_Context_IsOfThisType(ctx));
  GWEN_Crypt_Token_Context_List_Add(ctx, lct->contextList);
}


GWEN_CRYPT_TOKEN_CONTEXT *GWEN_Crypt_TokenFile_GetContext(GWEN_CRYPT_TOKEN *ct, int idx)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (idx==0)
      return ctx;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    idx--;
  }

  return NULL;
}


GWEN_CRYPT_TOKEN_FILE_READ_FN GWEN_Crypt_TokenFile_SetReadFn(GWEN_CRYPT_TOKEN *ct,
                                                             GWEN_CRYPT_TOKEN_FILE_READ_FN f)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_FILE_READ_FN of;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  of=lct->readFn;
  lct->readFn=f;

  return of;
}


GWEN_CRYPT_TOKEN_FILE_WRITE_FN GWEN_Crypt_TokenFile_SetWriteFn(GWEN_CRYPT_TOKEN *ct,
                                                               GWEN_CRYPT_TOKEN_FILE_WRITE_FN f)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_FILE_WRITE_FN of;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  of=lct->writeFn;
  lct->writeFn=f;

  return of;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Create(GWEN_CRYPT_TOKEN *ct, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  struct stat st;
  int fd;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  if (!GWEN_Crypt_Token_GetTokenName(ct)) {
    DBG_ERROR(GWEN_LOGDOMAIN, "No medium name given");
    return GWEN_ERROR_INVALID;
  }

  if (stat(GWEN_Crypt_Token_GetTokenName(ct), &st)) {
    if (errno!=ENOENT) {
      DBG_ERROR(GWEN_LOGDOMAIN,
                "Error trying to access key file \"%s\": %s",
                GWEN_Crypt_Token_GetTokenName(ct),
                strerror(errno));
      return GWEN_ERROR_IO;
    }
  }
  else {
    DBG_ERROR(GWEN_LOGDOMAIN,
              "Keyfile \"%s\" already exists, will not create it",
              GWEN_Crypt_Token_GetTokenName(ct));
    return GWEN_ERROR_INVALID;
  }


  /* create file */
  fd=open(GWEN_Crypt_Token_GetTokenName(ct),
          O_RDWR | O_CREAT | O_EXCL
#ifdef OS_WIN32
          | O_BINARY
#endif
          ,
          S_IRUSR|S_IWUSR);


  if (fd==-1) {
    DBG_ERROR(GWEN_LOGDOMAIN,
              "open(%s): %s",
              GWEN_Crypt_Token_GetTokenName(ct),
              strerror(errno));
    return GWEN_ERROR_IO;
  }

  close(fd);

  rv=GWEN_Crypt_TokenFile__WriteFile(ct, 1, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here");
    return rv;
  }

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Open(GWEN_CRYPT_TOKEN *ct, GWEN_UNUSED int admin, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  rv=GWEN_Crypt_TokenFile__ReadFile(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here");
    return rv;
  }

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile_Close(GWEN_CRYPT_TOKEN *ct, int abandon, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  if (!abandon)
    rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
  else
    rv=0;

  /* free/reset all data */
  GWEN_Crypt_Token_Context_List_Clear(lct->contextList);
  lct->mtime=0;
  lct->ctime=0;

  return rv;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__GetKeyIdList(GWEN_CRYPT_TOKEN *ct,
                                                     uint32_t *pIdList,
                                                     uint32_t *pCount,
                                                     uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int i;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* count keys */
  i=0;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    i+=GWEN_CRYPT_TOKEN_CONTEXT_KEYS;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
  }

  /* if no buffer given just return number of keys */
  if (pIdList==NULL) {
    *pCount=i;
    return 0;
  }

  if (*pCount<i) {
    DBG_INFO(GWEN_LOGDOMAIN, "Buffer too small");
    return GWEN_ERROR_BUFFER_OVERFLOW;
  }

  *pCount=i;
  i=0;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    int j;

    for (j=1; j<=GWEN_CRYPT_TOKEN_CONTEXT_KEYS; j++)
      *(pIdList++)=(i<<16)+j;

    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i++;
  }

  return 0;
}


const GWEN_CRYPT_TOKEN_KEYINFO *GWENHYWFAR_CB GWEN_Crypt_TokenFile__GetKeyInfo(GWEN_CRYPT_TOKEN *ct,
                                                                               uint32_t id,
                                                                               GWEN_UNUSED uint32_t flags,
                                                                               uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  GWEN_CRYPT_TOKEN_KEYINFO *ki;
  int i;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return NULL;
  }

  i=id>>16;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
    return NULL;
  }

  switch (id & 0xffff) {
  case 1:
    ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
    break;
  case 2:
    ki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx);
    break;
  case 3:
    ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
    break;
  case 4:
    ki=GWEN_CTF_Context_GetRemoteCryptKeyInfo(ctx);
    break;
  case 5:
    ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
    break;
  case 6:
    ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
    break;
  case 7:
    ki=GWEN_CTF_Context_GetTempLocalSignKeyInfo(ctx);
    break;
  default:
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
    return NULL;
  }

  if (ki==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No key info stored for key %d", id);
    return NULL;
  }

  return ki;
}


#if 0
int GWENHYWFAR_CB GWEN_Crypt_TokenFile__SetKeyInfo(GWEN_CRYPT_TOKEN *ct,
                                                   uint32_t id,
                                                   const GWEN_CRYPT_TOKEN_KEYINFO *ki,
                                                   uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int i;
  int rv;
  GWEN_CRYPT_TOKEN_KEYINFO *nki;
  GWEN_CRYPT_KEY *key;
  uint32_t flags;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  flags=GWEN_Crypt_Token_KeyInfo_GetFlags(ki);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  i=id>>16;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
    return GWEN_ERROR_NOT_FOUND;
  }

  nki=GWEN_Crypt_Token_KeyInfo_dup(ki);
  assert(nki);
  switch (id & 0xffff) {
  case 1:
    GWEN_CTF_Context_SetLocalSignKeyInfo(ctx, nki);
    key=GWEN_CTF_Context_GetLocalSignKey(ctx);
    break;
  case 2:
    GWEN_CTF_Context_SetLocalCryptKeyInfo(ctx, nki);
    key=GWEN_CTF_Context_GetLocalCryptKey(ctx);
    break;
  case 3:
    GWEN_CTF_Context_SetRemoteSignKeyInfo(ctx, nki);
    key=GWEN_CTF_Context_GetRemoteSignKey(ctx);
    break;
  case 4:
    GWEN_CTF_Context_SetRemoteCryptKeyInfo(ctx, nki);
    key=GWEN_CTF_Context_GetRemoteCryptKey(ctx);
    break;
  case 5:
    GWEN_CTF_Context_SetLocalAuthKeyInfo(ctx, nki);
    key=GWEN_CTF_Context_GetLocalAuthKey(ctx);
    break;
  case 6:
    GWEN_CTF_Context_SetRemoteAuthKeyInfo(ctx, nki);
    key=GWEN_CTF_Context_GetRemoteAuthKey(ctx);
    break;
  default:
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
    GWEN_Crypt_Token_KeyInfo_free(nki);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* replace key if modulus and exponent are given */
  if ((flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS) &&
      (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT) &&
      id!=1 && /* don't change local keys */
      id!=2 &&
      id!=5) {
    GWEN_CRYPT_KEY *nkey;

    nkey=GWEN_Crypt_KeyRsa_fromModExp(GWEN_Crypt_Token_KeyInfo_GetKeySize(ki),
                                      GWEN_Crypt_Token_KeyInfo_GetModulusData(ki),
                                      GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki),
                                      GWEN_Crypt_Token_KeyInfo_GetExponentData(ki),
                                      GWEN_Crypt_Token_KeyInfo_GetExponentLen(ki));
    assert(nkey);

    if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
      GWEN_Crypt_Key_SetKeyNumber(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
    if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
      GWEN_Crypt_Key_SetKeyVersion(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));

    /* replace public key */
    switch (id & 0xffff) {
    case 3: /* remote sign key */
      GWEN_CTF_Context_SetRemoteSignKey(ctx, nkey);
      break;
    case 4: /* remote crypt key */
      GWEN_CTF_Context_SetRemoteCryptKey(ctx, nkey);
      break;
    case 6: /* remote auth key */
      GWEN_CTF_Context_SetRemoteAuthKey(ctx, nkey);
      break;
    default:
      DBG_ERROR(GWEN_LOGDOMAIN,
                "Can't set modulus and exponent for private key");
      GWEN_Crypt_Key_free(nkey);
      return GWEN_ERROR_INVALID;
    }
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
                         I18N("Public key replaced"));
  }
  else {
    if (key) {
      if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
        GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
      if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
        GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
    }
  }

  rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("Unable to write key file"));
    return rv;
  }

  GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
                       I18N("Key file saved"));

  return 0;
}
#endif


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__SetKeyInfo(GWEN_CRYPT_TOKEN *ct,
                                                   uint32_t id,
                                                   const GWEN_CRYPT_TOKEN_KEYINFO *ski,
                                                   uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int i;
  int rv;
  GWEN_CRYPT_TOKEN_KEYINFO *ki;
  GWEN_CRYPT_KEY *key;
  uint32_t flags;
  uint32_t nflags;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  flags=GWEN_Crypt_Token_KeyInfo_GetFlags(ski);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  i=id>>16;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
    return GWEN_ERROR_NOT_FOUND;
  }

  switch (id & 0xffff) {
  case 1:
    ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
    key=GWEN_CTF_Context_GetLocalSignKey(ctx);
    break;
  case 2:
    ki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx);
    key=GWEN_CTF_Context_GetLocalCryptKey(ctx);
    break;
  case 3:
    ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
    key=GWEN_CTF_Context_GetRemoteSignKey(ctx);
    break;
  case 4:
    ki=GWEN_CTF_Context_GetRemoteCryptKeyInfo(ctx);
    key=GWEN_CTF_Context_GetRemoteCryptKey(ctx);
    break;
  case 5:
    ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
    key=GWEN_CTF_Context_GetLocalAuthKey(ctx);
    break;
  case 6:
    ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
    key=GWEN_CTF_Context_GetRemoteAuthKey(ctx);
    break;
  case 7:
    ki=GWEN_CTF_Context_GetTempLocalSignKeyInfo(ctx);
    key=GWEN_CTF_Context_GetTempLocalSignKey(ctx);
    break;
  default:
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
    return GWEN_ERROR_NOT_FOUND;
  }
  assert(ki);

  nflags=GWEN_Crypt_Token_KeyInfo_GetFlags(ki);

  if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSTATUS) {
    /* ignore for now */
  }

  if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS) {
    nflags&=~GWEN_CRYPT_TOKEN_KEYFLAGS_ACTIONMASK;
    nflags|=(flags & GWEN_CRYPT_TOKEN_KEYFLAGS_ACTIONMASK);
  }

  if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION) {
    uint32_t i32=GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ski);
    GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, i32);
    nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION;
    if (key)
      GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ski));
    DBG_INFO(GWEN_LOGDOMAIN, "Setting key version");
  }

  if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER) {
    uint32_t i32=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ski);
    GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, i32);
    nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER;
    DBG_INFO(GWEN_LOGDOMAIN, "Setting signature counter");
  }

  if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER) {
    uint32_t i32=GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ski);
    GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, i32);
    nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER;
    if (key)
      GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ski));
    DBG_INFO(GWEN_LOGDOMAIN, "Setting key number");
  }

  /* replace key if modulus and exponent are given */
  if ((flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS) &&
      (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT) &&
      id!=1 && /* don't change local keys */
      id!=2 &&
      id!=5 &&
      id!=7) {
    GWEN_CRYPT_KEY *nkey;

    GWEN_Crypt_Token_KeyInfo_SetKeySize(ki, GWEN_Crypt_Token_KeyInfo_GetKeySize(ski));
    GWEN_Crypt_Token_KeyInfo_SetModulus(ki,
                                        GWEN_Crypt_Token_KeyInfo_GetModulusData(ski),
                                        GWEN_Crypt_Token_KeyInfo_GetModulusLen(ski));
    nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS;
    GWEN_Crypt_Token_KeyInfo_SetExponent(ki,
                                         GWEN_Crypt_Token_KeyInfo_GetExponentData(ski),
                                         GWEN_Crypt_Token_KeyInfo_GetExponentLen(ski));
    nflags|=GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT;
    nkey=GWEN_Crypt_KeyRsa_fromModExp(GWEN_Crypt_Token_KeyInfo_GetKeySize(ski),
                                      GWEN_Crypt_Token_KeyInfo_GetModulusData(ski),
                                      GWEN_Crypt_Token_KeyInfo_GetModulusLen(ski),
                                      GWEN_Crypt_Token_KeyInfo_GetExponentData(ski),
                                      GWEN_Crypt_Token_KeyInfo_GetExponentLen(ski));
    assert(nkey);

    if (nflags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
      GWEN_Crypt_Key_SetKeyNumber(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
    if (nflags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
      GWEN_Crypt_Key_SetKeyVersion(nkey, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));

    /* replace public key */
    switch (id & 0xffff) {
    case 3: /* remote sign key */
      GWEN_CTF_Context_SetRemoteSignKey(ctx, nkey);
      break;
    case 4: /* remote crypt key */
      GWEN_CTF_Context_SetRemoteCryptKey(ctx, nkey);
      break;
    case 6: /* remote auth key */
      GWEN_CTF_Context_SetRemoteAuthKey(ctx, nkey);
      break;
    default:
      DBG_ERROR(GWEN_LOGDOMAIN,
                "Can't set modulus and exponent for private key");
      GWEN_Crypt_Key_free(nkey);
      return GWEN_ERROR_INVALID;
    }
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
                         I18N("Public key replaced"));
  }
  else {
    if (key) {
      if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER)
        GWEN_Crypt_Key_SetKeyNumber(key, GWEN_Crypt_Token_KeyInfo_GetKeyNumber(ki));
      if (flags & GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION)
        GWEN_Crypt_Key_SetKeyVersion(key, GWEN_Crypt_Token_KeyInfo_GetKeyVersion(ki));
    }
  }

  GWEN_Crypt_Token_KeyInfo_SetFlags(ki, nflags);

  rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("Unable to write key file"));
    return rv;
  }

  GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
                       I18N("Key file saved"));

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__ActivateKey(GWEN_CRYPT_TOKEN *ct, uint32_t id, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int rv;
  int i;
  uint32_t keyNum;
  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
  uint32_t klen;
  GWEN_CRYPT_TOKEN_KEYINFO *cki=NULL;
  GWEN_CRYPT_TOKEN_KEYINFO *ki;
  GWEN_CRYPT_KEY *key;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  keyNum=id & 0xffff;

  i=id>>16;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
    return GWEN_ERROR_NOT_FOUND;
  }

  key=GWEN_CTF_Context_GetTempLocalSignKey(ctx);
  if (key==NULL) {
    DBG_ERROR(GWEN_LOGDOMAIN, "No temporary local sign key.");
    return GWEN_ERROR_NOT_FOUND;
  }
  key=GWEN_Crypt_KeyRsa_dup(key);

  /* set key */
  if (keyNum==1)
    cki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
  else if (keyNum==6)
    cki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
  else {
    GWEN_Gui_ProgressLog2(gid, GWEN_LoggerLevel_Error,
                          I18N("Invalid key id %02x"), id);
    GWEN_Crypt_Key_free(key);
    return GWEN_ERROR_NO_DATA;
  }
  if (cki==NULL) {
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("No key info found"));
    GWEN_Crypt_Key_free(key);
    return GWEN_ERROR_NO_DATA;
  }

  /* update key info for the key */
  ki=GWEN_Crypt_Token_KeyInfo_dup(cki);
  assert(ki);

  /* get modulus */
  klen=sizeof(kbuf);
  rv=GWEN_Crypt_KeyRsa_GetModulus(key, kbuf, &klen);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
    GWEN_Crypt_Token_KeyInfo_free(ki);
    GWEN_Crypt_Key_free(key);
    return rv;
  }
  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);

  /* get exponent */
  klen=sizeof(kbuf);
  rv=GWEN_Crypt_KeyRsa_GetExponent(key, kbuf, &klen);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
    GWEN_Crypt_Token_KeyInfo_free(ki);
    GWEN_Crypt_Key_free(key);
    return rv;
  }
  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(key));
  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(key));

  if (keyNum==1) {
    if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN) {
      DBG_DEBUG(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
      GWEN_Crypt_KeyRsa_AddFlags(key, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
    }
    GWEN_CTF_Context_SetLocalSignKey(ctx, key);
    GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
    GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, 1);
    GWEN_CTF_Context_SetLocalSignKeyInfo(ctx, ki);
  }
  else if (keyNum==6) {
    if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN) {
      DBG_DEBUG(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
      GWEN_Crypt_KeyRsa_AddFlags(key, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
    }
    GWEN_CTF_Context_SetLocalAuthKey(ctx, key);
    GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
    GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, 1);
    GWEN_CTF_Context_SetLocalAuthKeyInfo(ctx, ki);
  }

  rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("Unable to write key file"));
    return rv;
  }

  GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
                       I18N("Key file saved"));

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__GetContextIdList(GWEN_CRYPT_TOKEN *ct,
                                                         uint32_t *pIdList,
                                                         uint32_t *pCount,
                                                         uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int i;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* count keys */
  i=0;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    i++;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
  }

  /* store number of entries */
  *pCount=i;

  /* if no buffer given just return number of keys */
  if (pIdList==NULL)
    return 0;

  if (*pCount<i) {
    DBG_INFO(GWEN_LOGDOMAIN, "Buffer too small");
    return GWEN_ERROR_BUFFER_OVERFLOW;
  }

  i=1;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    *(pIdList++)=i;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i++;
  }

  return 0;
}


const GWEN_CRYPT_TOKEN_CONTEXT *GWENHYWFAR_CB GWEN_Crypt_TokenFile__GetContext(GWEN_CRYPT_TOKEN *ct,
                                                                               uint32_t id,
                                                                               uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return NULL;
  }

  if (id==0) {
    DBG_INFO(GWEN_LOGDOMAIN, "Invalid context id 0");
    return NULL;
  }

  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (GWEN_Crypt_Token_Context_GetId(ctx)==id)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", id);
    return NULL;
  }

  return ctx;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__SetContext(GWEN_CRYPT_TOKEN *ct,
                                                   uint32_t id,
                                                   const GWEN_CRYPT_TOKEN_CONTEXT *nctx,
                                                   uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int rv;
  const char *s;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  if (id==0) {
    DBG_INFO(GWEN_LOGDOMAIN, "Invalid context id 0");
    return GWEN_ERROR_INVALID;
  }

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (GWEN_Crypt_Token_Context_GetId(ctx)==id)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", id);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* copy user data from context */
  s=GWEN_Crypt_Token_Context_GetServiceId(nctx);
  GWEN_Crypt_Token_Context_SetServiceId(ctx, s);
  s=GWEN_Crypt_Token_Context_GetUserId(nctx);
  GWEN_Crypt_Token_Context_SetUserId(ctx, s);
  s=GWEN_Crypt_Token_Context_GetUserName(nctx);
  GWEN_Crypt_Token_Context_SetUserName(ctx, s);
  s=GWEN_Crypt_Token_Context_GetPeerId(nctx);
  GWEN_Crypt_Token_Context_SetPeerId(ctx, s);
  s=GWEN_Crypt_Token_Context_GetAddress(nctx);
  GWEN_Crypt_Token_Context_SetAddress(ctx, s);
  GWEN_Crypt_Token_Context_SetPort(ctx, GWEN_Crypt_Token_Context_GetPort(nctx));
  s=GWEN_Crypt_Token_Context_GetSystemId(nctx);
  GWEN_Crypt_Token_Context_SetSystemId(ctx, s);

  return 0;
}


GWEN_CRYPT_KEY *GWEN_Crypt_TokenFile__GetKey(GWEN_CRYPT_TOKEN *ct, uint32_t id, uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int i;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return NULL;
  }

  i=id>>16;
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (context out of range)", id);
    return NULL;
  }

  switch (id & 0xffff) {
  case 1:
    return GWEN_CTF_Context_GetLocalSignKey(ctx);
  case 2:
    return GWEN_CTF_Context_GetLocalCryptKey(ctx);
  case 3:
    return GWEN_CTF_Context_GetRemoteSignKey(ctx);
  case 4:
    return GWEN_CTF_Context_GetRemoteCryptKey(ctx);
  case 5:
    return GWEN_CTF_Context_GetLocalAuthKey(ctx);
  case 6:
    return GWEN_CTF_Context_GetRemoteAuthKey(ctx);
  default:
    DBG_INFO(GWEN_LOGDOMAIN, "No key by id [%x] known (key id out of range)", id);
    return NULL;
  }
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__Sign(GWEN_CRYPT_TOKEN *ct,
                                             uint32_t keyId,
                                             GWEN_CRYPT_PADDALGO *a,
                                             const uint8_t *pInData,
                                             uint32_t inLen,
                                             uint8_t *pSignatureData,
                                             uint32_t *pSignatureLen,
                                             uint32_t *pSeqCounter,
                                             uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  GWEN_CRYPT_KEY *k;
  int keyNum;
  GWEN_BUFFER *srcBuf;
  int i;
  int rv;
  GWEN_CRYPT_PADDALGOID aid;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  DBG_INFO(GWEN_LOGDOMAIN, "Signing with key %d", keyId);
  aid=GWEN_Crypt_PaddAlgo_GetId(a);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get context */
  i=(keyId>>16);
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  if (ctx==NULL) {
    DBG_ERROR(GWEN_LOGDOMAIN, "Token has no context");
    return GWEN_ERROR_NOT_FOUND;
  }
  while (ctx) {
    if (i==0)
      break;
    DBG_ERROR(GWEN_LOGDOMAIN, "Checking token %d (i==%d)",
              GWEN_Crypt_Token_Context_GetId(ctx), i);
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* get key */
  keyNum=keyId & 0xffff;
  if (keyNum!=1 && keyNum!=5) {
    /* neither localSignKey nor localAuthKey */
    DBG_INFO(GWEN_LOGDOMAIN, "Bad key for signing (%x)", keyId);
    return GWEN_ERROR_INVALID;
  }

  k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
  if (k==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
    return GWEN_ERROR_NOT_FOUND;
  }

  /* copy to a buffer for padding */
  srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);

  if (aid==GWEN_Crypt_PaddAlgoId_Pkcs1_Pss_Sha256) {
    const GWEN_CRYPT_TOKEN_KEYINFO *ki;
    int nbits;
    const uint8_t *modPtr;
    uint32_t modLen;
    GWEN_MDIGEST *md;

    switch (keyId & 0xffff) {
    case 1:
      ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
      break;
    case 5:
      ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
      break;
    default:
      ki=NULL;
    }

    if (ki==NULL) {
      DBG_ERROR(GWEN_LOGDOMAIN, "No information for key %d", keyNum);
      GWEN_Buffer_free(srcBuf);
      return GWEN_ERROR_GENERIC;
    }

    /* calculate real number of bits */
    modPtr=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
    modLen=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
    nbits=modLen*8;
    while (modLen && *modPtr==0) {
      nbits-=8;
      modLen--;
      modPtr++;
    }
    if (modLen) {
      uint8_t b=*modPtr;
      int i;
      uint8_t mask=0x80;

      for (i=0; i<8; i++) {
        if (b & mask)
          break;
        nbits--;
        mask>>=1;
      }
    }

    if (nbits==0) {
      DBG_ERROR(GWEN_LOGDOMAIN, "Empty modulus");
      GWEN_Buffer_free(srcBuf);
      return GWEN_ERROR_GENERIC;
    }

    md=GWEN_MDigest_Sha256_new();
    GWEN_Buffer_AllocRoom(srcBuf, modLen);

    rv=GWEN_Padd_AddPkcs1Pss((uint8_t *) GWEN_Buffer_GetStart(srcBuf),
                             GWEN_Buffer_GetMaxUnsegmentedWrite(srcBuf),
                             nbits,
                             pInData, inLen,
                             inLen,
                             md);
    GWEN_MDigest_free(md);
    if (rv<0) {
      DBG_ERROR(GWEN_LOGDOMAIN, "here (%d)", rv);
      GWEN_Buffer_free(srcBuf);
      return rv;
    }

    GWEN_Buffer_IncrementPos(srcBuf, rv);
    GWEN_Buffer_AdjustUsedBytes(srcBuf);
  }
  else {
    GWEN_Buffer_AppendBytes(srcBuf, (const char *)pInData, inLen);

    /* padd according to given algo */
    rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
    if (rv) {
      DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
      GWEN_Buffer_free(srcBuf);
      return rv;
    }
  }

  /* sign with key */
  rv=GWEN_Crypt_Key_Sign(k,
                         (const uint8_t *)GWEN_Buffer_GetStart(srcBuf),
                         GWEN_Buffer_GetUsedBytes(srcBuf),
                         pSignatureData,
                         pSignatureLen);
  GWEN_Buffer_free(srcBuf);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  if (pSeqCounter) {
    GWEN_CRYPT_TOKEN_KEYINFO *ki;

    /* signature sequence counter is to be incremented */
    switch (keyId & 0xffff) {
    case 1:
      ki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
      break;
    case 5:
      ki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
      break;
    default:
      ki=NULL;
    }
    if (ki &&
        (GWEN_Crypt_Token_KeyInfo_GetFlags(ki) & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER)) {
      unsigned int seq;

      seq=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki);
      *pSeqCounter=seq;
      GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, ++seq);

      rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
      if (rv) {
        DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
        return rv;
      }
    }
    else {
      DBG_WARN(GWEN_LOGDOMAIN, "No sign counter for key %04x", keyId);
      *pSeqCounter=0;
    }
  }

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__Verify(GWEN_CRYPT_TOKEN *ct,
                                               uint32_t keyId,
                                               GWEN_CRYPT_PADDALGO *a,
                                               const uint8_t *pInData,
                                               uint32_t inLen,
                                               const uint8_t *pSignatureData,
                                               uint32_t signatureLen,
                                               uint32_t seqCounter,
                                               uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  GWEN_CRYPT_KEY *k;
  int keyNum;
  int i;
  int rv;
  GWEN_CRYPT_PADDALGOID aid;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  DBG_INFO(GWEN_LOGDOMAIN, "Verifying with key %d", keyId);

  aid=GWEN_Crypt_PaddAlgo_GetId(a);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get context */
  i=(keyId>>16);
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* get key */
  keyNum=keyId & 0xffff;
  if (keyNum!=1 && keyNum!=3 && keyNum!=6) {
    /* neither remoteSignKey nor remoteAuthKey */
    DBG_INFO(GWEN_LOGDOMAIN, "Bad key for verifying (%x)", keyId);
    return GWEN_ERROR_INVALID;
  }

  k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
  if (k==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
    return GWEN_ERROR_NO_KEY;
  }

  if (aid==GWEN_Crypt_PaddAlgoId_Iso9796_2 ||
      aid==GWEN_Crypt_PaddAlgoId_Pkcs1_2 ||
      aid==GWEN_Crypt_PaddAlgoId_Pkcs1_Pss_Sha256) {
    GWEN_BUFFER *tbuf;
    uint32_t l;

    /* these algos add random numbers, we must use encrypt fn here and
     * compare the decrypted and unpadded data with the source data */
    tbuf=GWEN_Buffer_new(0, signatureLen+16, 0, 0);
    l=GWEN_Buffer_GetMaxUnsegmentedWrite(tbuf);
    rv=GWEN_Crypt_Key_Encipher(k,
                               pSignatureData, signatureLen,
                               (uint8_t *)GWEN_Buffer_GetStart(tbuf),
                               &l);
    if (rv<0) {
      DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
      GWEN_Buffer_free(tbuf);
      return rv;
    }
    GWEN_Buffer_IncrementPos(tbuf, l);
    GWEN_Buffer_AdjustUsedBytes(tbuf);

    if (aid==GWEN_Crypt_PaddAlgoId_Pkcs1_Pss_Sha256) {
      const GWEN_CRYPT_TOKEN_KEYINFO *ki;
      int nbits;
      const uint8_t *modPtr;
      uint32_t modLen;
      GWEN_MDIGEST *md;

      if (keyNum==3)
        ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
      else
        ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
      if (ki==NULL) {
        DBG_ERROR(GWEN_LOGDOMAIN, "No information for key %d", keyNum);
        GWEN_Buffer_free(tbuf);
        return GWEN_ERROR_GENERIC;
      }

      /* calculate real number of bits */
      modPtr=GWEN_Crypt_Token_KeyInfo_GetModulusData(ki);
      modLen=GWEN_Crypt_Token_KeyInfo_GetModulusLen(ki);
      nbits=modLen*8;
      while (modLen && *modPtr==0) {
        nbits-=8;
        modLen--;
        modPtr++;
      }
      if (modLen) {
        uint8_t b=*modPtr;
        int i;
        uint8_t mask=0x80;

        for (i=0; i<8; i++) {
          if (b & mask)
            break;
          nbits--;
          mask>>=1;
        }
      }

      if (nbits==0) {
        DBG_ERROR(GWEN_LOGDOMAIN, "Empty modulus");
        GWEN_Buffer_free(tbuf);
        return GWEN_ERROR_GENERIC;
      }

      md=GWEN_MDigest_Sha256_new();
      rv=GWEN_Padd_VerifyPkcs1Pss((const uint8_t *) GWEN_Buffer_GetStart(tbuf),
                                  GWEN_Buffer_GetUsedBytes(tbuf),
                                  nbits,
                                  pInData, inLen,
                                  inLen,
                                  md);
      GWEN_MDigest_free(md);
      if (rv<0) {
        DBG_ERROR(GWEN_LOGDOMAIN, "here (%d)", rv);
        GWEN_Buffer_free(tbuf);
        return rv;
      }
    }
    else {
      rv=GWEN_Padd_UnapplyPaddAlgo(a, tbuf);
      if (rv<0) {
        DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
        GWEN_Buffer_free(tbuf);
        return rv;
      }
      l=GWEN_Buffer_GetUsedBytes(tbuf);

      if (l!=inLen) {
        DBG_ERROR(GWEN_LOGDOMAIN, "Signature length doesn't match");
        GWEN_Buffer_free(tbuf);
        return GWEN_ERROR_VERIFY;
      }
      if (memcmp(pInData, GWEN_Buffer_GetStart(tbuf), l)!=0) {
        DBG_ERROR(GWEN_LOGDOMAIN, "Signature doesn't match:");
        GWEN_Buffer_free(tbuf);
        return GWEN_ERROR_VERIFY;
      }
    }
    GWEN_Buffer_free(tbuf);
  }
  else {
    GWEN_BUFFER *srcBuf;

    /* copy to a buffer for padding */
    srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
    GWEN_Buffer_AppendBytes(srcBuf, (const char *)pInData, inLen);

    /* padd according to given algo */
    rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
    if (rv) {
      DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
      GWEN_Buffer_free(srcBuf);
      return rv;
    }

    /* verify with key */
    rv=GWEN_Crypt_Key_Verify(k,
                             (const uint8_t *)GWEN_Buffer_GetStart(srcBuf),
                             GWEN_Buffer_GetUsedBytes(srcBuf),
                             pSignatureData,
                             signatureLen);
    GWEN_Buffer_free(srcBuf);
    if (rv) {
      DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
      return rv;
    }
  }

  if (seqCounter) {
    GWEN_CRYPT_TOKEN_KEYINFO *ki;

    /* signature sequence counter is to be checked */
    if (keyNum==3)
      ki=GWEN_CTF_Context_GetRemoteSignKeyInfo(ctx);
    else
      ki=GWEN_CTF_Context_GetRemoteAuthKeyInfo(ctx);
    if (ki &&
        (GWEN_Crypt_Token_KeyInfo_GetFlags(ki) & GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER)) {
      unsigned int seq;

      seq=GWEN_Crypt_Token_KeyInfo_GetSignCounter(ki);

      if (seq>=seqCounter) {
        DBG_WARN(GWEN_LOGDOMAIN, "Bad remote sequence counter (possibly replay attack!)");
        return GWEN_ERROR_VERIFY;
      }
      GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, seqCounter);

      /* write file */
      rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
      if (rv) {
        DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
        return rv;
      }
    }
    else {
      DBG_WARN(GWEN_LOGDOMAIN, "No sign counter for key %04x", keyId);
    }

  }

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__Encipher(GWEN_CRYPT_TOKEN *ct,
                                                 uint32_t keyId,
                                                 GWEN_CRYPT_PADDALGO *a,
                                                 const uint8_t *pInData,
                                                 uint32_t inLen,
                                                 uint8_t *pOutData,
                                                 uint32_t *pOutLen,
                                                 uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  GWEN_CRYPT_KEY *k;
  int keyNum;
  GWEN_BUFFER *srcBuf;
  int i;
  int rv;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  DBG_INFO(GWEN_LOGDOMAIN, "Enciphering with key %d", keyId);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get context */
  i=(keyId>>16);
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* get key */
  keyNum=keyId & 0xffff;
  if (keyNum!=2 && keyNum!=4) {
    /* not remoteCryptKey */
    DBG_INFO(GWEN_LOGDOMAIN, "Bad key for encrypting (%x)", keyId);
    return GWEN_ERROR_INVALID;
  }

  k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
  if (k==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "Key %d not found", keyId);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* copy to a buffer for padding */
  srcBuf=GWEN_Buffer_new(0, inLen, 0, 0);
  GWEN_Buffer_AppendBytes(srcBuf, (const char *)pInData, inLen);
  GWEN_Buffer_Rewind(srcBuf);

  /* padd according to given algo */
  rv=GWEN_Padd_ApplyPaddAlgo(a, srcBuf);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(srcBuf);
    return rv;
  }

  /* encipher with key */
  rv=GWEN_Crypt_Key_Encipher(k,
                             (const uint8_t *)GWEN_Buffer_GetStart(srcBuf),
                             GWEN_Buffer_GetUsedBytes(srcBuf),
                             pOutData,
                             pOutLen);
  GWEN_Buffer_free(srcBuf);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__Decipher(GWEN_CRYPT_TOKEN *ct,
                                                 uint32_t keyId,
                                                 GWEN_CRYPT_PADDALGO *a,
                                                 const uint8_t *pInData,
                                                 uint32_t inLen,
                                                 uint8_t *pOutData,
                                                 uint32_t *pOutLen,
                                                 uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  GWEN_CRYPT_KEY *k;
  int keyNum;
  GWEN_BUFFER *tbuf;
  int i;
  int rv;
  uint32_t l;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  DBG_INFO(GWEN_LOGDOMAIN, "Deciphering with key %d", keyId);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  /* get context */
  i=(keyId>>16);
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  if (ctx==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "No context by id [%x] known", (keyId>>16) & 0xffff);
    return GWEN_ERROR_NOT_FOUND;
  }

  /* get key */
  keyNum=keyId & 0xffff;
  if (keyNum!=2 && keyNum!=4) {
    /* not localCryptKey */
    DBG_INFO(GWEN_LOGDOMAIN, "Bad key for decrypting (%x)", keyId);
    return GWEN_ERROR_INVALID;
  }

  k=GWEN_Crypt_TokenFile__GetKey(ct, keyId, gid);
  if (k==NULL) {
    DBG_INFO(GWEN_LOGDOMAIN, "Key not found");
    return GWEN_ERROR_NOT_FOUND;
  }

  /* decipher with key */
  tbuf=GWEN_Buffer_new(0, inLen+16, 0, 1);
  l=GWEN_Buffer_GetMaxUnsegmentedWrite(tbuf);
  rv=GWEN_Crypt_Key_Decipher(k,
                             pInData, inLen,
                             (uint8_t *)GWEN_Buffer_GetStart(tbuf), &l);
  if (rv<0) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    return rv;
  }
  GWEN_Buffer_IncrementPos(tbuf, l);
  GWEN_Buffer_AdjustUsedBytes(tbuf);

  /* unpadd according to given algo */
  rv=GWEN_Padd_UnapplyPaddAlgo(a, tbuf);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    return rv;
  }

  /* copy resulting data to given buffer */
  l=GWEN_Buffer_GetUsedBytes(tbuf);
  if (l>*pOutLen) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    GWEN_Buffer_free(tbuf);
    return GWEN_ERROR_BUFFER_OVERFLOW;
  }
  memmove(pOutData, GWEN_Buffer_GetStart(tbuf), l);
  *pOutLen=l;
  GWEN_Buffer_free(tbuf);

  return 0;
}


int GWENHYWFAR_CB GWEN_Crypt_TokenFile__GenerateKey(GWEN_CRYPT_TOKEN *ct,
                                                    uint32_t keyId,
                                                    const GWEN_CRYPT_CRYPTALGO *a,
                                                    uint32_t gid)
{
  GWEN_CRYPT_TOKEN_FILE *lct;
  GWEN_CRYPT_KEY *pubKey;
  GWEN_CRYPT_KEY *secKey;
  int rv;
  uint32_t keyNum;
  GWEN_CRYPT_TOKEN_CONTEXT *ctx;
  int i;
  uint8_t kbuf[GWEN_CRYPT_KEYRSA_MAX_KEYLENGTH];
  uint32_t klen;
  GWEN_CRYPT_TOKEN_KEYINFO *cki;
  GWEN_CRYPT_TOKEN_KEYINFO *ki;

  assert(ct);
  lct=GWEN_INHERIT_GETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct);
  assert(lct);

  /* reload if needed */
  rv=GWEN_Crypt_TokenFile__ReloadIfNeeded(ct, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    return rv;
  }

  keyNum=keyId & 0xffff;

  /* check key id */
  if (keyNum!=1 && keyNum!=2 && keyNum!=5 && keyNum!=7) {
    DBG_INFO(GWEN_LOGDOMAIN, "Can only generate local keys.");
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("Can only generate local keys."));
    return GWEN_ERROR_NOT_SUPPORTED;
  }

  /* check for algo */
  if (GWEN_Crypt_CryptAlgo_GetId(a)!=GWEN_Crypt_CryptAlgoId_Rsa) {
    DBG_INFO(GWEN_LOGDOMAIN, "Only RSA keys supported.");
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("Only RSA keys supported."));
    return GWEN_ERROR_NOT_SUPPORTED;
  }

  /* get context */
  i=(keyId>>16);
  ctx=GWEN_Crypt_Token_Context_List_First(lct->contextList);
  while (ctx) {
    if (i==0)
      break;
    ctx=GWEN_Crypt_Token_Context_List_Next(ctx);
    i--;
  }

  /* generate key pair */
  DBG_INFO(GWEN_LOGDOMAIN, "Creating key pair using %d bytes", GWEN_Crypt_CryptAlgo_GetChunkSize(a));
  rv=GWEN_Crypt_KeyRsa_GeneratePair(GWEN_Crypt_CryptAlgo_GetChunkSize(a),
                                    (GWEN_Crypt_Token_GetModes(ct) &
                                     GWEN_CRYPT_TOKEN_MODE_EXP_65537)?1:0,
                                    &pubKey,
                                    &secKey);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("Could not generate key"));
    return rv;
  }

  GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
                       I18N("Key generated"));

  /* set key */
  if (keyNum==1)
    cki=GWEN_CTF_Context_GetLocalSignKeyInfo(ctx);
  else if (keyNum==2)
    cki=GWEN_CTF_Context_GetLocalCryptKeyInfo(ctx);
  else if (keyNum==5)
    cki=GWEN_CTF_Context_GetLocalAuthKeyInfo(ctx);
  else if (keyNum==7)
    cki=GWEN_CTF_Context_GetTempLocalSignKeyInfo(ctx);
  else
    cki=NULL;

  if (cki==NULL) {
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("No key info found"));
    return GWEN_ERROR_NO_DATA;
  }

  /* update key info for the key */
  ki=GWEN_Crypt_Token_KeyInfo_dup(cki);
  assert(ki);

  /* get modulus */
  klen=sizeof(kbuf);
  rv=GWEN_Crypt_KeyRsa_GetModulus(pubKey, kbuf, &klen);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "No modulus for key");
    GWEN_Crypt_Token_KeyInfo_free(ki);
    GWEN_Crypt_Key_free(pubKey);
    return rv;
  }
  GWEN_Crypt_Token_KeyInfo_SetModulus(ki, kbuf, klen);

  /* get exponent */
  klen=sizeof(kbuf);
  rv=GWEN_Crypt_KeyRsa_GetExponent(pubKey, kbuf, &klen);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "No exponent for key");
    GWEN_Crypt_Token_KeyInfo_free(ki);
    GWEN_Crypt_Key_free(pubKey);
    return rv;
  }
  GWEN_Crypt_Token_KeyInfo_SetExponent(ki, kbuf, klen);
  GWEN_Crypt_Token_KeyInfo_SetKeyNumber(ki, GWEN_Crypt_Key_GetKeyNumber(pubKey));
  GWEN_Crypt_Token_KeyInfo_SetKeyVersion(ki, GWEN_Crypt_Key_GetKeyVersion(pubKey));

  if (keyNum==1) {
    if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN) {
      DBG_DEBUG(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
      GWEN_Crypt_KeyRsa_AddFlags(secKey, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
    }
    GWEN_CTF_Context_SetLocalSignKey(ctx, secKey);
    GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
    GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, 1);
    GWEN_CTF_Context_SetLocalSignKeyInfo(ctx, ki);
  }
  else if (keyNum==2) {
    GWEN_CTF_Context_SetLocalCryptKey(ctx, secKey);
    GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANENCIPHER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANDECIPHER);
    GWEN_CTF_Context_SetLocalCryptKeyInfo(ctx, ki);
  }
  else if (keyNum==5) {
    if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN) {
      DBG_DEBUG(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
      GWEN_Crypt_KeyRsa_AddFlags(secKey, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
    }
    GWEN_CTF_Context_SetLocalAuthKey(ctx, secKey);
    GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
    GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, 1);
    GWEN_CTF_Context_SetLocalAuthKeyInfo(ctx, ki);
  }
  else if (keyNum==7) {
    if (GWEN_Crypt_Token_GetModes(ct) & GWEN_CRYPT_TOKEN_MODE_DIRECT_SIGN) {
      DBG_DEBUG(GWEN_LOGDOMAIN, "Adding mode \"direct sign\" to key");
      GWEN_Crypt_KeyRsa_AddFlags(secKey, GWEN_CRYPT_KEYRSA_FLAGS_DIRECTSIGN);
    }
    GWEN_CTF_Context_SetTempLocalSignKey(ctx, secKey);
    GWEN_Crypt_Token_KeyInfo_AddFlags(ki,
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASMODULUS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASEXPONENT |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYNUMBER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASKEYVERSION |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASSIGNCOUNTER |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_HASACTIONFLAGS |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANVERIFY |
                                      GWEN_CRYPT_TOKEN_KEYFLAGS_CANSIGN);
    GWEN_Crypt_Token_KeyInfo_SetSignCounter(ki, 1);
    GWEN_CTF_Context_SetTempLocalSignKeyInfo(ctx, ki);
  }

  /* the public key is not used */
  GWEN_Crypt_Key_free(pubKey);

  rv=GWEN_Crypt_TokenFile__WriteFile(ct, 0, gid);
  if (rv) {
    DBG_INFO(GWEN_LOGDOMAIN, "Unable to write file");
    GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Error,
                         I18N("Unable to write key file"));
    return rv;
  }

  GWEN_Gui_ProgressLog(gid, GWEN_LoggerLevel_Notice,
                       I18N("Key generated and set"));

  return 0;
}


GWENHYWFAR_CB
void GWEN_Crypt_TokenFile_freeData(GWEN_UNUSED void *bp, void *p)
{
  GWEN_CRYPT_TOKEN_FILE *lct;

  lct=(GWEN_CRYPT_TOKEN_FILE *) p;
  GWEN_Crypt_Token_Context_List_free(lct->contextList);

  GWEN_FREE_OBJECT(lct);
}


GWEN_CRYPT_TOKEN *GWEN_Crypt_TokenFile_new(const char *typeName,
                                           const char *tokenName)
{
  GWEN_CRYPT_TOKEN *ct;
  GWEN_CRYPT_TOKEN_FILE *lct;

  ct=GWEN_Crypt_Token_new(GWEN_Crypt_Token_Device_File, typeName, tokenName);
  assert(ct);

  GWEN_NEW_OBJECT(GWEN_CRYPT_TOKEN_FILE, lct);
  lct->contextList=GWEN_Crypt_Token_Context_List_new();
  GWEN_INHERIT_SETDATA(GWEN_CRYPT_TOKEN, GWEN_CRYPT_TOKEN_FILE, ct, lct,
                       GWEN_Crypt_TokenFile_freeData);
  GWEN_Crypt_Token_SetOpenFn(ct, GWEN_Crypt_TokenFile_Open);
  GWEN_Crypt_Token_SetCreateFn(ct, GWEN_Crypt_TokenFile_Create);
  GWEN_Crypt_Token_SetCloseFn(ct, GWEN_Crypt_TokenFile_Close);
  GWEN_Crypt_Token_SetGetKeyIdListFn(ct, GWEN_Crypt_TokenFile__GetKeyIdList);
  GWEN_Crypt_Token_SetGetKeyInfoFn(ct, GWEN_Crypt_TokenFile__GetKeyInfo);
  GWEN_Crypt_Token_SetSetKeyInfoFn(ct, GWEN_Crypt_TokenFile__SetKeyInfo);
  GWEN_Crypt_Token_SetGetContextIdListFn(ct, GWEN_Crypt_TokenFile__GetContextIdList);
  GWEN_Crypt_Token_SetGetContextFn(ct, GWEN_Crypt_TokenFile__GetContext);
  GWEN_Crypt_Token_SetSetContextFn(ct, GWEN_Crypt_TokenFile__SetContext);
  GWEN_Crypt_Token_SetSignFn(ct, GWEN_Crypt_TokenFile__Sign);
  GWEN_Crypt_Token_SetVerifyFn(ct, GWEN_Crypt_TokenFile__Verify);
  GWEN_Crypt_Token_SetEncipherFn(ct, GWEN_Crypt_TokenFile__Encipher);
  GWEN_Crypt_Token_SetDecipherFn(ct, GWEN_Crypt_TokenFile__Decipher);
  GWEN_Crypt_Token_SetGenerateKeyFn(ct, GWEN_Crypt_TokenFile__GenerateKey);
  GWEN_Crypt_Token_SetActivateKeyFn(ct, GWEN_Crypt_TokenFile__ActivateKey);

  return ct;
}